Lucene search
K

479 matches found

OpenVAS
OpenVAS
added 2022/12/03 12:0 a.m.16 views

Fedora: Security Advisory for fastnetmon (FEDORA-2022-5d37367673)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.4CVSS5.5AI score0.00852EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2022/09/01 12:0 a.m.32 views

ManageEngine NetFlow Analyzer getDNSResolveOption Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ManageEngine NetFlow Analyzer. Authentication is required to exploit this vulnerability. The specific flaw exists within the getDNSResolveOption function. The issue results from the lack of proper...

7.2CVSS4.2AI score0.78326EPSS
Exploits0References1
Prion
Prion
added 2022/08/29 9:15 p.m.20 views

Code injection

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature...

6.5CVSS8.8AI score0.77618EPSS
Exploits0References2Affected Software6
Cvelist
Cvelist
added 2022/08/29 8:21 p.m.46 views

CVE-2022-38772

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature...

9.1AI score0.77618EPSS
Exploits0References2
CVE
CVE
added 2022/08/29 8:21 p.m.65 views

CVE-2022-38772

Summary: CVE-2022-38772 affects Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils. The issue is a command injection in the getNmapInitialOption function that allows authenticated users to perform database changes leading to re...

8.8CVSS8.9AI score0.77618EPSS
Exploits0References2Affected Software6
Zero Day Initiative
Zero Day Initiative
added 2022/08/18 12:0 a.m.28 views

ManageEngine NetFlow Analyzer getUserAPIKey Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of ManageEngine NetFlow Analyzer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getUserAPIKey function. The issue results from the lack of authenticati...

9.4CVSS2.9AI score0.0793EPSS
Exploits0References1
OSV
OSV
added 2022/08/10 8:16 p.m.4 views

CVE-2022-37024

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution...

8.8CVSS6AI score0.78326EPSS
Exploits0References1
NVD
NVD
added 2022/08/10 8:16 p.m.19 views

CVE-2022-36923

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 125657, 126002, 126104, and 126118 allow unauthenticated attackers to obtain a user's API key, and then access external...

7.5CVSS0.0793EPSS
Exploits0References1
Prion
Prion
added 2022/08/10 8:16 p.m.18 views

Design/Logic Flaw

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 125657, 126002, 126104, and 126118 allow unauthenticated attackers to obtain a user's API key, and then access external...

5CVSS7.4AI score0.0793EPSS
Exploits0References1Affected Software7
Prion
Prion
added 2022/08/10 8:16 p.m.15 views

Remote code execution

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution...

6.5CVSS8.9AI score0.78326EPSS
Exploits0References1Affected Software7
Cvelist
Cvelist
added 2022/08/10 2:17 p.m.44 views

CVE-2022-36923

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 125657, 126002, 126104, and 126118 allow unauthenticated attackers to obtain a user's API key, and then access external...

7.7AI score0.0793EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/08/10 2:17 p.m.1 views

CVE-2022-36923

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 125657, 126002, 126104, and 126118 allow unauthenticated attackers to obtain a user's API key, and then access external...

7.2AI score0.0793EPSS
Exploits0References1
CVE
CVE
added 2022/08/10 2:17 p.m.458 views

CVE-2022-36923

CVE-2022-36923 affects Zoho ManageEngine products (OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils) with an authentication bypass that allows an unauthenticated attacker to retrieve a user’s API key and use external APIs. T...

7.5CVSS7.3AI score0.0793EPSS
In wildExploits0References1Affected Software7
Positive Technologies
Positive Technologies
added 2022/08/10 12:0 a.m.5 views

PT-2022-23689

Name of the Vulnerable Software and Affected Versions Zoho ManageEngine OpManager versions before 2022-07-27 through 2022-07-28 Zoho ManageEngine OpManager Plus versions before 2022-07-27 through 2022-07-28 Zoho ManageEngine OpManager MSP versions before 2022-07-27 through 2022-07-28 Zoho...

7.5CVSS7.5AI score0.0793EPSS
Exploits0References13
CNNVD
CNNVD
added 2022/08/10 12:0 a.m.6 views

多款ZOHO ManageEngine产品安全漏洞

ZOHO ManageEngine OpManager and others are products of ZOHO India.ZOHO ManageEngine OpManager is a suite of network, server and virtualization monitoring software.ZOHO ManageEngine OpManager Plus is an IT operations management solution for Windows and Linux systems. ZOHO ManageEngine OpManager Pl...

8.8CVSS8.6AI score0.78326EPSS
Exploits0References2
CVE
CVE
added 2022/08/09 3:15 p.m.74 views

CVE-2022-37024

Summary (CVE-2022-37024) : Multiple Zoho ManageEngine products (OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, OpUtils) prior to 2022-07-29 are affected by a remote code execution flaw. The root cause is insufficient input validation in the getDNSResolv...

8.8CVSS8.9AI score0.78326EPSS
Exploits0References1Affected Software7
CNVD
CNVD
added 2022/04/01 12:0 a.m.27 views

Zoho ManageEngine Netflow Analyzer Professional跨站脚本漏洞

ZOHO ManageEngine Netflow Analyzer is a web-based bandwidth monitoring tool from ZOHO, Inc. A cross-site scripting vulnerability exists in ZOHO ManageEngine Netflow Analyzer Professional version 7.0.0.2, which stems from the lack of proper validation of client-side data by the web application and...

6.1CVSS4.5AI score0.02688EPSS
Exploits2References1
Veracode
Veracode
added 2021/12/12 11:33 p.m.28 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service attacks. A user with root access is able to panic the system when issuing netfilter netflow commands...

4.4CVSS5.4AI score0.00242EPSS
Exploits0References4Affected Software2
RedHat Linux
RedHat Linux
added 2021/11/09 6:6 p.m.3 views

kernel: flowtable list del corruption with kernel BUG at lib/list_debug.c:50

A flaw was found in the Linux kernel netfilter implementation. A user with root CAPSYSADMIN access is able to panic the system when issuing netfilter netflow commands...

4.9CVSS7.1AI score0.00242EPSS
Exploits0References4
CNVD
CNVD
added 2021/10/14 12:0 a.m.17 views

Zoho ManageEngine OpManager SQL Injection Vulnerability (CNVD-2021-88241)

ZOHO ManageEngine OpManager is an end-to-end integrated network management software that enables comprehensive, visual, unified and centralized monitoring and management of IT infrastructure, including network devices, servers, hosts, WAN links, applications and services, within an enterprise...

9.8CVSS3.8AI score0.03323EPSS
Exploits0References1
Rows per page
Query Builder